Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/LJ3GoN5UQQ9WFYhXnfTx50I2xZk.roa
File: LJ3GoN5UQQ9WFYhXnfTx50I2xZk.roa (raw, json)
Hash identifier: pSlE31YFEeD7xZlCKOlf5cS8xqam2yxo6XgjDqDy8F0=
Subject key identifier: 2C:9D:C6:A0:DE:54:41:0F:56:15:88:57:9D:F4:F1:E7:42:36:C5:99
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018F86425322CB6741F7DED2A6F1A6273073
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/LJ3GoN5UQQ9WFYhXnfTx50I2xZk.roa
Signing time: Fri 17 May 2024 11:14:04 +0000
ROA not before: Fri 17 May 2024 11:14:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202147
IP address blocks: 88.98.112.0/20 maxlen: 24
185.51.108.0/22 maxlen: 24
188.241.96.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 May 2024 15:51:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:86:42:53:22:cb:67:41:f7:de:d2:a6:f1:a6:27:30:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: May 17 11:14:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c9dc6a0de54410f561588579df4f1e74236c599
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:89:94:5f:ab:90:ca:d6:a5:f7:39:73:4f:81:
73:43:a3:85:41:f2:13:8a:2e:42:ef:85:e5:ba:69:
d6:d2:73:ee:91:5b:f1:fd:e6:bf:c5:1b:fd:6a:f0:
94:aa:c2:66:55:5d:5d:86:a0:90:9c:82:97:58:ea:
18:db:d2:a7:65:06:fc:21:4f:fc:cd:b6:8a:f5:35:
da:fb:a7:52:e3:30:76:97:59:15:99:74:7f:99:90:
8b:68:43:84:c3:11:b3:b7:72:3e:6d:38:84:4f:9a:
00:10:32:08:ae:76:48:fa:1a:02:55:d7:52:89:21:
48:73:3e:2a:fb:57:ca:4e:c4:5c:29:6c:fe:86:e4:
59:bc:0a:5e:38:f8:1a:b4:67:ae:18:e6:98:46:16:
60:e2:ce:49:fd:c9:60:6b:63:e5:aa:ec:ce:27:60:
65:eb:06:6d:88:54:fc:50:c4:1c:53:88:87:9f:2b:
52:9c:8f:8d:af:23:0f:78:82:7a:bd:87:54:91:c7:
37:2f:1a:63:8e:8d:2f:87:f8:d4:13:64:d0:2b:d0:
d6:71:53:d6:a5:4b:57:6a:45:42:08:b6:f6:5c:1b:
fd:f8:64:64:e9:39:9a:b2:59:0d:87:f2:30:92:02:
50:76:bd:9c:a9:17:90:25:05:c7:84:ef:76:8e:91:
11:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:9D:C6:A0:DE:54:41:0F:56:15:88:57:9D:F4:F1:E7:42:36:C5:99
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/LJ3GoN5UQQ9WFYhXnfTx50I2xZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.98.112.0/20
185.51.108.0/22
188.241.96.0/21
Signature Algorithm: sha256WithRSAEncryption
ba:b5:2d:44:11:cf:68:0e:50:e5:49:68:7e:50:2b:bc:e2:18:
07:50:a4:15:15:6d:7d:c0:4c:e4:11:ce:de:c5:d4:66:7f:67:
12:b1:56:0f:84:92:3e:a2:48:40:f4:da:74:64:30:84:42:5c:
f5:b6:83:63:e0:d8:c9:cc:5d:a2:bd:18:73:76:22:cb:d3:55:
d4:a8:8b:f0:50:86:74:9d:f3:79:e0:57:8f:06:0b:88:0a:0b:
8f:fb:48:77:3f:28:7d:0e:14:f0:b1:68:dd:e7:b2:18:06:79:
82:64:72:7a:ed:43:31:b3:94:a6:92:c6:e2:50:30:f1:f7:c6:
74:23:07:85:de:c6:2a:4e:6f:f2:6f:a0:83:fc:f8:bd:33:21:
32:44:32:16:1a:08:d4:5e:dd:a1:8c:df:27:69:39:98:2d:85:
bf:b2:af:4b:6e:d2:fb:93:3f:87:e6:70:0d:ba:6f:2b:68:3d:
07:0c:02:49:f8:68:de:63:c0:7d:fc:24:4f:95:2e:f6:41:d8:
68:69:a6:18:46:7e:09:0b:60:49:cf:ff:7b:bf:97:eb:4a:84:
17:38:85:26:a7:80:d7:f0:df:f7:d7:99:f1:bd:37:b5:93:fb:
b8:d6:dd:21:12:c1:0b:f9:12:7d:b3:6e:9b:88:b0:73:6d:00:
d7:45:c3:67
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY+GQlMiy2dB997SpvGmJzBzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjQwNTE3MTExNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzlkYzZhMGRlNTQ0MTBmNTYxNTg4NTc5ZGY0ZjFlNzQyMzZjNTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4mUX6uQytal9zlzT4FzQ6OFQfIT
ii5C74XlumnW0nPukVvx/ea/xRv9avCUqsJmVV1dhqCQnIKXWOoY29KnZQb8IU/8
zbaK9TXa+6dS4zB2l1kVmXR/mZCLaEOEwxGzt3I+bTiET5oAEDIIrnZI+hoCVddS
iSFIcz4q+1fKTsRcKWz+huRZvApeOPgatGeuGOaYRhZg4s5J/clga2PlquzOJ2Bl
6wZtiFT8UMQcU4iHnytSnI+NryMPeIJ6vYdUkcc3Lxpjjo0vh/jUE2TQK9DWcVPW
pUtXakVCCLb2XBv9+GRk6TmaslkNh/IwkgJQdr2cqReQJQXHhO92jpER3wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCydxqDeVEEPVhWIV5308edCNsWZMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvTEozR29ONVVRUTlXRlloWG5mVHg1MEkyeFprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEWGJwAwQC
uTNsAwQDvPFgMA0GCSqGSIb3DQEBCwUAA4IBAQC6tS1EEc9oDlDlSWh+UCu84hgH
UKQVFW19wEzkEc7exdRmf2cSsVYPhJI+okhA9Np0ZDCEQlz1toNj4NjJzF2ivRhz
diLL01XUqIvwUIZ0nfN54FePBguICguP+0h3Pyh9DhTwsWjd57IYBnmCZHJ67UMx
s5SmksbiUDDx98Z0IweF3sYqTm/yb6CD/Pi9MyEyRDIWGgjUXt2hjN8naTmYLYW/
sq9LbtL7kz+H5nANum8raD0HDAJJ+GjeY8B9/CRPlS72QdhoaaYYRn4JC2BJz/97
v5frSoQXOIUmp4DX8N/315nxvTe1k/u41t0hEsEL+RJ9s26biLBzbQDXRcNn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:50 2024 by rpki-client on console-ams.rpki-client.org